Omniscia SoMee Audit
Compilation
Compilation
The project utilizes truffle
as its development pipeline tool, containing an array of tests and scripts coded in JavaScript.
To compile the project, the compile
command needs to be issued via the truffle
CLI tool:
truffle compile
The truffle
tool automatically selects Solidity version 0.6.8
based on the version specified within the truffle-config.js
file.
The project contains discrepancies with regards to the Solidity version used as the pragma
statements differ between them, however, they are solely located in dependencies and can be safely ignored. The version locked in the truffle-config.js
file is 0.6.8
, the same one utilized for our static analysis as well as optimizational review of the codebase.
We identified that the optimizer
options within the truffle
configurational file are improperly set and we advise the SoMee team to set the runs
value to something low, like 200
, as the higher the value the less of an optimization is applied.